System, device, and method of detecting identity of a user of a mobile electronic device

ABSTRACT

A method for confirming identity of a user of a mobile electronic device, the method including: receiving touch data from a touch-screen of the mobile electronic device; receiving acceleration data from an accelerometer of the mobile electronic device; correlating between the touch data and the acceleration data; based on the correlating, generating a user-specific trait indicative of said user. The method further includes storing a reference value of the user-specific trait, indicative of said user; in a subsequent usage session of the mobile electronic device, generating a current value of the user-specific trait correlating between touch data and acceleration data; and based on a comparison between the current value of the user-specific trait and the reference value of the user-specific trait, determining whether or not a current user of the mobile electronic device is an authorized user of the mobile electronic device.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a Continuation-In-Part (CIP) of U.S. patentapplication Ser. No. 13/877,676, titled “Method and Device forConfirming Computer End-User Identity”, filed on Apr. 4, 2013 which ishereby incorporated by reference in its entirety; which is a NationalPhase filing of PCT International Application number PCT/IL2011/000907,titled “Method and Device for Confirming Computer End-User Identity”,filed on Nov. 29, 2011, published as International Publication numberWO/2012/073233, which is hereby incorporated by reference in itsentirety; which claims priority and benefit from U.S. provisional patentapplication No. 61/417,479, titled “Biological and BehavioralAuthentication Method and System”, filed on Nov. 29, 2010, which ishereby incorporated by reference in its entirety.

FIELD

The present invention is related to the security of electronic devicesand systems.

BACKGROUND

Millions of people around the world utilize mobile electronic devices,such as smartphones and tablets, in order to perform various activities.Such activities may include, for example, browsing the Internet, sendingand receiving electronic mail (email) messages, taking photographs andvideos, engaging in a video conference or a chat session, playing games,or the like.

Some activities may be privileged, or may require authentication of theuser in order to ensure that only an authorized user engages in theactivity. For example, a user may be required to enter a username and apassword in order to access an email account, or in order to access anonline banking interface or website.

SUMMARY

The present invention may include, for example, systems, devices, andmethods for detecting identity of a user of a mobile electronic device,and for determining that a mobile electronic device is used by afraudulent user.

In accordance with the present invention, for example, a method forconfirming identity of a user of a mobile electronic device maycomprise: receiving touch data from a touch-screen of the mobileelectronic device; receiving acceleration data from an accelerometer ofthe mobile electronic device; correlating between the touch data and theacceleration data; based on the correlating, generating a user-specifictrait indicative of said user.

In accordance with the present invention, for example, the method maycomprise: storing a reference value of the user-specific trait,indicative of said user; in a subsequent usage session of the mobileelectronic device, generating a current value of the user-specific traitcorrelating between touch data and acceleration data; and based on acomparison between the current value of the user-specific trait and thereference value of the user-specific trait, determining whether or not acurrent user of the mobile electronic device is an authorized user ofthe mobile electronic device.

In accordance with the present invention, for example, storingcomprises: storing within said mobile electronic device; and saidcomparison is performed within said mobile electronic device.

In accordance with the present invention, for example, storing comprisesstoring externally to said mobile electronic device; and said comparisonis performed externally to said mobile electronic device, and compriseswirelessly receiving at the mobile electronic device an indication ofsaid comparison.

In accordance with the present invention, for example, said touch datacomprises non-tactile touch data indicating a hovering user gesture inproximity to said touch-screen.

In accordance with the present invention, for example, the method maycomprise: receiving gyroscope data from a gyroscope of the mobileelectronic device; correlating between the touch data and the gyroscopedata; based on the correlating between the touch data and the gyroscopedata, generating another user-specific trait indicative of said user.

In accordance with the present invention, for example, the method maycomprise: capturing non-tactile motion data indicating a user gesture;correlating between the non-tactile motion data and the accelerationdata; based on the correlating between the non-tactile motion data andthe acceleration data, generating another user-specific trait indicativeof said user.

In accordance with the present invention, for example, the method maycomprise: comparing between (a) a currently-calculated value of theuser-specific trait, corresponding to a current usage of the mobileelectronic device, and (b) a previously-calculated value of theuser-specific trait, corresponding to a previous usage of the mobileelectronic device; and based on a comparison result, performing at leastone of: restricting access of said user to an online service;restricting access of said user to an application installed on saidmobile electronic device; requiring the user to authenticate hisidentity to an online service; requiring the user to authenticate hisidentity to an application installed on said mobile electronic device.

In accordance with the present invention, for example, the method maycomprise: based on said touch data, estimating user-specific motorcontrol parameters and user-specific motor control noise; and based onthe estimated user-specific motor control parameters and user-specificmotor control noise, differentiating between said user and another user.

In accordance with the present invention, for example, the method maycomprise: based on said touch data, estimating user-specific motorcontrol parameters and user-specific motor control noise of a controlloop which comprises translation error and gesture velocity error; andbased on the estimated user-specific motor control parameters anduser-specific motor control noise, differentiating between said user andanother user.

In accordance with the present invention, for example, the method maycomprise: based on said correlating, estimating a user-specificphysiological trait of said user; and based on the user-specificphysiological trait, differentiating between said user and another user.

In accordance with the present invention, for example, estimating theuser-specific physiological trait of said user comprises at least oneof: estimating a length of a finger of the user; estimating a width of afinger of the user; estimating a size-related parameter of a finger ofthe user; estimating a distance between a tip of a finger of the userand another part of a hand of the user.

In accordance with the present invention, for example, the method maycomprise: based on said correlating, estimating a user-specificbehavioral trait of said user; and based on the user-specific behavioraltrait, differentiating between said user and another user.

In accordance with the present invention, for example, estimating theuser-specific behavioral trait of said user comprises: determining thatsaid user typically performs a particular inadvertent gesture whileperforming a user-intended input-providing gesture.

In accordance with the present invention, for example, estimating theuser-specific behavioral trait of said user comprises one or more of:determining that said user typically moves the mobile electronic deviceat a particular direction while performing a touch gesture; determiningthat said user typically rotates the mobile electronic device whileperforming a touch gesture; determining that said user typically slantsthe mobile electronic device at a particular angle while performing atouch gesture.

In accordance with the present invention, for example, estimating theuser-specific behavioral trait of said user comprises: determining thatsaid user typically holds the mobile electronic device with a first handof the user and concurrently performs an input-providing gesture with asecond hand of the user.

In accordance with the present invention, for example, estimating theuser-specific behavioral trait of said user comprises: determining thatsaid user typically holds the mobile electronic device with a singlehand and concurrently performs an input-providing gesture with saidsingle hand.

In accordance with the present invention, for example, the method maycomprise: based on said correlating, estimating a first user-specificbehavioral trait of said user which corresponds to a first usagescenario; based on said correlating, estimating a second user-specificbehavioral trait of said user which corresponds to a second usagescenario; based on the first and second user-specific behavioral traits,differentiating between said user and another user.

In accordance with the present invention, for example, the method maycomprise: based on said correlating, estimating a first user-specificbehavioral trait of said user which corresponds to a first usagescenario in which said user operates said mobile electronic device whilethe user holds said mobile electronic device; based on said correlating,estimating a second user-specific behavioral trait of said user whichcorresponds to a second usage scenario in which said user operates saidmobile electronic device while the user does not hold said mobileelectronic device; based on the first and second user-specificbehavioral traits, differentiating between said user and another user.

In accordance with the present invention, for example, a mobileelectronic device may be configured to confirm identity of a user ofsaid mobile electronic device; the mobile electronic device comprising:a touch-screen to receive touch data; an accelerometer to receiveacceleration data; a correlator module to correlate between the touchdata and the acceleration data; a trait extractor module to generate auser-specific trait indicative of said user, based on correlationbetween the touch data and the acceleration data.

The present invention may provide other and/or additional benefits oradvantages.

BRIEF DESCRIPTION OF THE DRAWINGS

For simplicity and clarity of illustration, elements shown in thefigures have not necessarily been drawn to scale. For example, thedimensions of some of the elements may be exaggerated relative to otherelements for clarity of presentation. Furthermore, reference numeralsmay be repeated among the figures to indicate corresponding or analogouselements. The figures are listed below.

FIG. 1 is a schematic block diagram illustration of a mobile electronicdevice, in accordance with some demonstrative embodiments of the presentinvention;

FIG. 2 is an illustration of three graphs, which demonstrateacceleration as a function of time over three separate axes, inaccordance with some demonstrative embodiments of the present invention;

FIG. 3 is an illustration of a graph of the main axes ofdimension-reduced space of accelerometer reaction to tapping, inaccordance with some demonstrative embodiments of the present invention;

FIG. 4 is an illustration of a graph depicting feature space, inaccordance with some demonstrative embodiments of the present invention;and

FIG. 5 is a flow-chart of a method in accordance with some demonstrativeembodiments of the present invention.

DETAILED DESCRIPTION OF THE PRESENT INVENTION

In the following detailed description, numerous specific details are setforth in order to provide a thorough understanding of some embodiments.However, it will be understood by persons of ordinary skill in the artthat some embodiments may be practiced without these specific details.In other instances, well-known methods, procedures, components, unitsand/or circuits have not been described in detail so as not to obscurethe discussion.

Applicants have realized that each user of a mobile electronic devicemay handle the device in a unique manner which may be detected and maybe utilized for confirming the identity of the user, or for othersecurity-related purposes or fraud-detection purposes. Applicants haverealized, for example, that different users cause different type ofacceleration to the mobile device when they perform the same operationor touch-gesture (e.g., swiping or tapping or scrolling on thetouch-screen), or may tilt or rotate or slant the mobile device indifferent, unique ways when they perform such gestures or operations.

The present invention may include, for example, biometric modalities,personal trait extraction modalities, and/or identity authenticationmodalities which may be used in conjunction with a mobile or portableelectronic device, and may utilize a combination of (or correlationbetween) acceleration parameters and/or touch data. Such parameters maybe used in order to deduce unique insights regarding the identity orpossible identity of the user of the mobile electronic device, or inorder to determine whether or not the user is considered to be the“genuine” user, or in contrast, an attacker or impersonator or“fraudster”.

The present invention may capture, monitor, or otherwise utilize fordeduction of insights, the coupling or correlation between (a)touch-screen interaction, or other user gestures, and (b)accelerometer(s) measurements and/or gyroscope(s) measurements. Thepresent invention may further deduce and/or utilize one or more otherbiometric traits or identity-authentication traits, for example, touchor swipe locations, pressure dynamics, identification of physiologicalregions (e.g., in the hand of the user) that move while other regions donot move when a user gesture is performed, or other suitable traits inorder to assist in identification and/or authentication of the user ofthe mobile device.

The present invention may sufficiently capture unique qualities of ahuman user to be usable as a biometric for authentication. Differentpeople may have different preferred orientations for holding or grasping(e.g., in their hand) a mobile device, and/or a different way in whichthey press or touch or tap the touch-screen (e.g., the applied force,the duration of the tapping, or the like).

Applicants have realized that physical traits such as, for example, handsize, hand mass, or other traits, may change the way in which a user'sinteracting hand and his device-holding hand are correlated. In ademonstrative example, the present invention may distinguish ordifferentiate between (a) a person who is using one single hand for bothholding the mobile device and tapping on its touch-screen (or performingother touch gesture), and (b) a person who is using one hand to hold themobile device and another hand to tap on its touch-screen (or to performother touch gesture or user gesture).

Moreover, as Applicants have realized, different tap locations (e.g.,top-left corner or region of the touch-screen, versus bottom-rightcorner or region) may create different torque(s) on the mobile device,further depending on the tap strength, the offset of the mobile devicein the hand (e.g., the device being held high or low, with the palm areaor the fingers area, or the like) and/or the size of the hand (e.g., ifthe same hand is used for both holding the device and tapping on itstouch-screen).

The terms “mobile device” or “mobile electronic device” as used hereinmay include, for example, a smartphone, a cellular phone, a mobilephone, a tablet, a handheld device, a portable electronic device, aportable gaming device, a portable audio/video player, or the like.

The term “genuine user” as used herein may include, for example, anowner of a mobile electronic device; a legal or lawful user of a mobileelectronic device; an authorized user of a mobile electronic device; aperson who has legal authorization and/or legal right to utilize amobile electronic device, for general purpose(s) and/or for one or moreparticular purpose(s); or the person who had originally defined usercredentials (e.g., username and password) for performing an activitythrough the mobile electronic device.

The term “fraudulent user” as used herein may include, for example, anyperson who is not the “genuine user” of the mobile electronic device; anattacker; an intruder; a man-in-the-middle attacker; aman-in-the-browser attacker; an unauthorized user; an impersonator; ahacker; a cracker; a person attempting to hack or crack or compromise asecurity measure utilized by the mobile electronic device or utilized byan activity or service accessible through the mobile electronic device;a fraudster; a human fraudster; a “bot” or a malware or an automatedcomputerized process (e.g., implemented by using software modules and/orhardware components) which attempts to imitate human behavior or whichattempts to act as if such “bot” or malware or process was the genuineuser; or the like.

The term “user gesture” as used herein may include, for example, agesture or movement or other operation that a user of a mobile deviceperforms on a touch-screen of the mobile device, or performs inproximity to the touch-screen of the mobile device; touch gesture; tapgesture or double-tap gesture or prolonged tap gesture; scroll gesture;drag gesture, or drag-and-drop gesture; release gesture; click ordouble-click gesture; hovering gestures, in which the user may hoverwith his finger(s) or hand(s) in proximity to the touch-screen of themobile device but without necessarily touching the touch-screen device;hovering gestures that may be captured by a camera of the mobile device,or by a touch-screen of the mobile device (e.g., by taking into accountelectrical and/or magnetic effects of such gestures); hovering gestureswhich may be generally similar to touch-free hovering gestures that aSamsung Galaxy S4 smartphone is able to detect; finger(s) gesturesand/or hand(s) gestures made in a three-dimensional space, for example,similar to movement gestures that a Microsoft Kinect motion sensinginput device is able to sense; and/or a combination of such gestures orother gestures.

Reference is made to FIG. 1, which is a schematic block diagramillustration of a mobile device 100 in accordance with the presentinvention. Mobile device 100 may comprise, for example, a processor 101,a memory unit 102, a storage unit 103, a wireless transceiver 104, atouch-screen 105, one or more accelerometers 106, and one or moregyroscopes 107. Mobile device 100 may further comprise, for example, oneor more hovering sensors 108, one or more motion gesture sensor(s) 109,a correlator 131, a trait extractor 132, a trait repository 133, aprofile constructor module 134, an identity authenticator module 135,and a physiological trait estimator 139. Mobile device 100 may compriseother suitable hardware components and/or software modules, for example,a power source (e.g., a rechargeable battery), an Operating System,software applications, or the like.

Touch-screen 105 may receive user gestures, for example, tapping,double-tapping, dragging, pressing, holding down, releasing, scrolling,pinching fingers for zoom-out, spreading fingers for zoom-in, or thelike). Touch data may be stored in a touch data repository 125,optionally in association with a time-stamp associated with each touchdata-item being stored.

Accelerometer(s) 106 may comprise, for example, a three-axisaccelerometer able to measure acceleration, separately, along three axes(X axis, Y axis, Z axis). Accelerometer readings may be stored in anacceleration data repository 126, optionally in association with atime-stamp associated with each acceleration data-item being stored.

Gyroscope(s) 107 may comprise, for example, a three-axis gyroscope ableto measure orientation and/or rotation, e.g., separately along threeaxes (X axis, Y axis, Z axis). The measured data may be stored in agyroscope data repository 127, optionally in association with atime-stamp associated with each orientation/rotation data-item beingstored.

Hovering sensor(s) 108 may comprise, for example, one or more sensors(e.g., optical sensors, magnetic sensors, electric sensors, touch-screencomponents, camera components, or the like) able to sense hoveringgesture(s) of the user of device 100, for example, in athree-dimensional space or separately along three axes (X axis, Y axis,Z axis). The measured data may be stored in a hovering data repository128, optionally in association with a time-stamp associated with eachhovering data-item being stored.

Motion gesture sensor(s) 109 may comprise, for example, one or moresensors able to sense motion gesture(s) of the user of device 100, forexample, in a three-dimensional space or separately along three axes (Xaxis, Y axis, Z axis). The measured data may be stored in a motiongesture data repository 129, optionally in association with a time-stampassociated with each motion gesture data-item being stored.

Correlator 131 may search for, or identify or determine, correlationamong (a) acceleration data and/or gyroscope data, and (b) touch dataand/or hovering data and/or motion gesture data. Trait extractor 132 maydetermine one or more user-specific traits or characteristics which maybe, or may appear to be, unique to (or indicative of) a particular user,based on one or more correlation(s) identified by correlator 131. Traitvalues or trait indicators, or data indicative of extracteduser-specific traits, may be stored in a trait repository 133.

Profile constructor module 134 may utilize a learning algorithm toconstruct a user profile based on the one or more user-specific traitsidentified by trait extractor 132 and stored in trait repository 133.Profile construction may be performed over a pre-defined time period(e.g., five hours, or three days) of the user interacting with device100; or over a pre-defined number of interactions (e.g., 12 or 25 or 100interactions) of the user with device 100. Optionally, profileconstructor module 134 may dynamically extend or shorten or modify therequired time-period or interaction number, for example, if traits of aparticular user are distinctive and are rapidly extracted over a shorterperiod of time or over a smaller number of user interactions.Constructed user profiles may be stored in a user profile repository,which may be internal to device 100 or may be external thereto (e.g., ina remote server or in a “cloud computing” server), optionally with anassociated flag or parameter indicating whether a particular userprofile is fully constructed or under construction.

Identity authenticator module 135 may capture one or more traits of auser who is currently utilizing device 100, and may analyze anddetermine whether or not these traits are similar to, or different from,user-specific traits in a user profile associated with a user that isbelieved to be a “genuine” user of device 100. The analysis results maybe notified by identity authenticator module 135 to other units ormodules, within device 100 (e.g., an application or process running indevice 100) and/or externally to device 100 (e.g., on a remote server,on a remote web-site or web-page, in a “cloud” server or device).

For example, if the analysis indicates that the current user of device100 is not the genuine user, then, one or more fraud-stopping operationsor additional authentication operations may be triggered and performed,for example, requiring the user to re-enter his password or pass-phraseor Personal Identification Number (PIN), requiring the user to answerone or more security questions, requiring the user to perform log-inoperations or to provide account details (e.g., to provide date-of-birthdata), requiring the user to place a phone call to a fraud department ora security department of a service or entity associated with anapplication running on device 100; blocking or restricting or curtailingaccess of the user to one or more services or features which may begenerally available through device 100; or the like.

Correlator 131 may identify user-specific physiological correlations.For example, correlator 131 may identify one or more geometric place(s),on touch-screen 105 or in a space proximate to touch-screen 105, inwhich a user gesture is associated with movement of a user body part(e.g., the thumb; one or more fingers; the palm or wrist) while alsobeing associated with rest or non-movement of other body parts of theuser. Based on the user-specific physiological correlations, traitextractor 132 may extract user-specific physiological trait(s).

In a demonstrative example, trait extractor 132 may determine that forthe user Adam, a vertical scroll-down touch-gesture is typicallyassociated with movement of the root of the thumb, while the otherfingers are at rest and while the wrist or palm-base are at rest;whereas, for the user Bob, a vertical scroll-down touch-gesture istypically associated with both movement of the root of the thumb, aswell as with slight rotational movement of fingers that hold or supportthe rear of the mobile device, and while the wrist or palm-base are atrest. This may be subsequently used for user authentication or foridentity confirmation, to distinguish between a “genuine” user (e.g.,Adam) and a fraudulent user or non-genuine user (e.g., Bob) when theuser of device 100 performs a similar user gesture.

In another demonstrative embodiment, correlator 131 may determine thatthe user of device 100 (e.g., the “genuine” user), while performing aprimary gesture or an intended gesture (e.g., required in order toprovide user input to device 100), typically also performs a secondarygesture an inadvertent gesture (e.g., not required in order to provideuser input to device 100). For example, the primary gesture may be ascrolling gesture, a zoom-in or zoom-out gesture, a dragging gesture, atapping gesture, or other user input gesture; whereas, the secondarygesture (e.g., the inadvertent or unintended gesture, to which the usermay not even be aware) may be, for example, slight or significantrotating or spinning of device 100, slight or significant movement ofdevice 100 (e.g., in a particular direction), slight or significanttilting or slanting of device 100 (e.g., at a particular angle orrange-of-angles), or the like.

In another demonstrative embodiment, correlator 131 may be associatedwith, or may operate in conjunction with, physiological trait estimator139 which may be able to indirectly estimate one or more physiologicaltraits or physiological characteristics of the user of device 100, andparticularly, of the hand(s) or finger(s) (e.g., a finger, a thumb, orthe like) of that user. For example, physiological trait estimator 139may estimate a width of a finger or thumb based on a width of a swipingtrace performed by the finger on touch-screen 105; may estimate a lengthof a finger or thumb based on a radius of a circular or arched or curvedswiping motion on touch-screen 105; may estimate the distance betweenthe tip of a finger or thumb and the palm of the hand, or the wrist; mayestimate other dimensions of hand-parts, or relations between such handparts; or the like. Physiological trait estimator 139 may thus estimatephysiological characteristics which may be unique to a particular user,and may assist in confirming user identity and/or in detecting anon-genuine user impersonating the genuine user.

Additionally or alternatively, correlator 131 may be associated with, ormay operate in conjunction with, a motor control estimator 138 which mayestimate user-specific motor control parameters based on the user'sinteraction with mobile device 100. Such parameters may include, forexample, parameters of the action-perception loop modeling the hand-eyecoordination, as well as control loop parameter, motor noise, perceptionnoise, or the like. Motor control estimator 138 may estimateuser-specific parameters of motor control, which may be more inherent tothe user and may be less action-dependent.

In a demonstrative implementation, for example, motor control estimator138 may track a user gesture on the touch-screen (e.g., a scroll orswipe gesture). The movement or gesture may begin at rest in astart-point (X₀, Y₀), and may end at rest in an end-point (X₁, Y₁). Ademonstrative control loop of the second order, for example, may assumethat the force of the hand is governed by a linear combination of twoerror terms: a translation error, and the current velocity error.

The translation error may be represented as:

Δx=(x ₁ −x(t))

The current velocity error may be represented as:

${\Delta \; v_{x}} = {\frac{}{t}{x(t)}}$

The control loop may be represented (for the X-axis, and similarly andseparately also for the Y-axis) as:

$\frac{^{2}{x(t)}}{t^{2}} = {{\alpha_{x}\Delta \; x} + {\beta_{x}v_{x}} + n_{x}}$

In the last equation, α_(x) and β_(x) are control loop parameters, andn_(x) is motor control noise (e.g., Gaussian random variable).Accordingly, motor control estimator 138 may estimate or may simulatetrajectories which may be similar to human trajectories; and although avelocity curve may be different for each movement of the same movement,the velocity curve may be generated by the same model parameters of thatspecific user. Motor control estimator 138 may thus estimate these threeparameters (for the X-axis, and/or for the Y-axis), thereby estimatinguser-specific motor control traits which may be used for differentiatingbetween a genuine user and an impersonator or attacker, regardless ofthe specific movement(s) or gesture(s) performed. The above is only ademonstrative example, and motor control estimator 138 may utilize othermotor control estimations, forward model(s), feedback model(s),estimation of similar peak velocity (or other movement properties) fordifferent movements (e.g., if the error terms are distorted by anon-linear function).

Additionally or alternatively, correlator 131 may identify user-specificbehavioral correlations. For example, correlator 131 may identify thatwhen a particular user performs a particular user-gesture, performanceof the gesture affects in a particular way the acceleration data and/orthe orientation/rotation data of device 100. Based on the user-specificbehavioral correlations, trait extractor 132 may extract user-specificbehavioral trait(s).

In a demonstrative example, trait extractor 132 may determine that forthe user Adam, a horizontal swipe gesture is typically associated with acounter-clockwise rotation in the range of 10 to 15 degrees around avertical axis (e.g., a rotation axis parallel to the longest dimensionof device 100); whereas, for the user Bob, a horizontal swipe gesture istypically associated with a clockwise rotation in the range of 5 to 10degrees (or, with substantially no rotation at all) around that verticalaxis. This may be subsequently used for user authentication or foridentity confirmation, to distinguish between a “genuine” user (e.g.,Adam) and a fraudulent user or non-genuine user (e.g., Bob) when theuser of device 100 performs a similar user gesture.

Correlator 131 may be configured to search for, and detect, otheruser-specific behavioral correlations, for example: correlations basedon the manner of holding device 100 (e.g., a primary angle of holding),and the effect of various user gestures on such holding or on theprimary angle of holding; correlations based on the stability or theshakiness of device 100 (e.g., optionally taking into account the amountand/or frequency and/or timing of hand vibrations or hand movements),and the effect of various user gestures on such device stability orshakiness, or on stability or shakiness of the hand of the user thatholds or operates device 100; correlations based on movement, spinning,rotation and/or acceleration of device 100, along one axis or two axesor three axes, as a result of (or concurrently with) a user gesture suchas, for example, tap, double-tap, prolonged tap, release, drag, drag anddrop, click, double-click, rotation or movement of an on-screen object,rotation of device 100 by 90 degrees or 180 degrees or 270 degrees,horizontal or vertical or diagonal swipe gesture, scroll gesture,zoom-in or zoom-out gestures, user operations on physical buttons orsliders or interface components of device 100 (e.g., volume interface,camera button, button for capturing an image or a video), or the like.

Correlator 131 may further detect correlations based on movement,spinning, rotation and/or acceleration of device 100, along one axis ortwo axes or three axes, that occur prior to or subsequent to a usergesture. For example, correlator 131 may detect that a first particularuser typically tilts the phone from being generally perpendicular to theground, to being generally parallel to the ground, immediately prior toperforming a zoom-out gesture (e.g., a “pinching” gesture with twofingers on touch-screen 105). Similarly, correlator 131 may detect thata second particular user typically rotates the phone counter-clockwise,immediately subsequent to performing a zoom-in gesture (e.g., spacingapart two fingers on touch-screen 105). In some implementations, forexample, a correlation may be detected while the user gesture isperformed, immediately before the user gesture is performed (e.g.,within 0.5 seconds prior to the user gesture), and/or immediately afterthe user gesture is performed (e.g., within 0.5 seconds subsequent tothe user gesture).

Optionally, correlator 131 may detect other suitable correlations, andmay take into account other types of readings or sensed data, forexample, data indicating a temperature or moisture level or sweat levelwhich may be associated with a user gesture, data indicating the amountof pressure or force applied by a user (e.g., when pressing ontouch-screen 105), or the like.

In a demonstrative example, a first user may typically scroll down withhis finger on touch-screen 105 while slightly rotating the mobile device100 around its longest axis; and a correlation may be identified betweenthe respective touch data and acceleration/orientation data, indicativeof the first user. In contrast, a second user may typically scroll downwhile maintaining the mobile device 100 non-rotating, or while rotatingmobile device 100 at a different direction or angle, or at a differentacceleration value, thereby allowing to identify a differentcorrelation, indicative of the second user.

Optionally, the present invention may identify, create and utilize afirst set of behavioral traits which correspond to the behavior of aparticular user when he is utilizing his mobile device in a firstholding scenario (e.g., when the user is holding the mobile device inhis hand), and a second (different) set of behavioral traits whichcorrespond to the behavior of that particular user when he is utilizinghis mobile device in a second holding scenario (e.g., when the mobiledevice is placed on a table or flat surface and the user operates themobile device without holding it). Accordingly, the present inventionmay create and utilize a behavioral profile for that user, which maycomprise multiple sub-profiles of behavioral traits that correspond tosuch multiple usage scenarios by the same (e.g., “genuine”) user. In asubsequent usage of the mobile device, the system may compare thebehavioral traits of the subsequent user, to each one (e.g., separately)of the pre-stored sets of behavioral traits (or behavioralsub-profiles), in order to detect or determine whether that subsequentuser is the “genuine” user operating in one of the known usagescenarios, or alternatively a fraudulent user or attacker. Similarly,the present invention may generate and/or utilize complex profiles thatmay comprise of sub-profiles or sets of traits (e.g., behavioral traits,physiological traits, motor control traits), such that each set orsub-profile may correspond to a particular usage scenario or aparticular holding scenario of the user; and a subsequent usage may becompared, separately, to each one of those sub-profiles (or sets oftraits) in order to determine user authenticity.

The terms “correlation”, “correlator”, “to correlate”, and similar orequivalent terms which may be used herein, are used for demonstrativepurpose only; they may include, for example, statistical correlation, orstatistically-significant correlation, or any other type of relation orindication or matching between two parameters or between groups ofvalues. In some embodiments, there need not be statistically-significantcorrelation between, for example, touch data and acceleration data, inorder to identify or extract unique user trait(s); but rather, there maybe other type of relation or matching between touch-data andacceleration data in order to determine such “correlation”.

In accordance with the present invention, mobile device 100 maycontinuously track and/or monitor the correlation between touch-data andacceleration/orientation data. Correlation values may be used todetermine user-specific traits, that are indicative of the user of themobile device 100, which may be regarded initially as the “genuine”user. Then, during subsequent usage of the mobile device 100,correlation between touch-data and acceleration/orientation data may betracked and identified, and may be compared to the correlationpreviously-determined for the genuine user, in order to confirm that acurrent user is indeed the genuine user, or in order to determine or toestimate that a current user is a non-genuine user.

In a demonstrative implementation, an application or a website may beaccessible through device 100 through an access control process or auser authentication process. Such application or website may be, forexample, an email account, a social network account, a video conferenceapplication, a chat application, an online banking application orwebsite, a securities trading application or website, an electroniccommerce account or website, or the like. The user may be prompted tocreate a new user account (e.g., define a username and password); andthen, or in parallel, user-specific traits may be captured throughpassive means and/or active means, which may be known to the user or maybe hidden from the user.

For example, a profile creation page or application may require the userto perform various touch operations (e.g., tapping, scrolling, dragging,or the like), and may capture touch data as well asacceleration/orientation data, which may then be correlated in order toidentify a biometric trait indicative of the user who is currentlycreating the profile, or who is otherwise believed to be a genuine user(e.g., based on password entry and/or responses to security questions orother challenge-response mechanisms). Optionally, an active challengemay be posed to the user, for example, by explicitly asking the user toperform one or more particular touch gestures on touch-screen 105,either as “hidden” challenges (in which the user is not aware that he isactively challenged for security purposes) or as non-hidden challenges(in which the user is advised that, as a security measure, he isrequired to perform certain touch gestures in order to extract biometrictraits).

Reference is made to FIG. 5, which is a flow-chart of a method inaccordance with some demonstrative embodiments of the present invention.The method may be implemented by a mobile electronic device, by one ormore hardware components and/or software modules of a mobile electronicdevice, by a system, or the like.

The method may include, for example, capturing at least one of touchdata, hovering data, motion data, gesture data (block 510).

The method may include, for example, capturing at least one ofacceleration data, gyroscope data, device orientation/rotation data,principal axes rotation data (e.g., normal axis or yaw, lateral axis orpitch, longitudinal axis or roll) (block 520).

The operations of block 520 may be performed simultaneously orconcurrently with, or in parallel to, the operations of block 510.

The method may include, for example, correlating or matching (block 530)between the data captured in block 510 and the data captured in block520.

The method may include, for example, extracting a user-specific trait(block 540) based on the correlating or matching of block 530. Theuser-specific trait may include, for example, one or more behavioraltraits, physiological traits, motor control traits, or otheruser-specific characteristics.

The method may include, for example, subsequently, confirming useridentity based on said user-specific trait (block 550).

Other suitable operations may be used in accordance with the presentinvention.

Some embodiments of the present invention may be utilized, or mayoperate, in conjunction with methods, algorithms, devices and/or systemswhich are described in PCT International Application NumberPCT/IL2011/000907, titled “Method and Device for Confirming ComputerEnd-User Identity”, published on Jun. 7, 2012 as InternationalPublication Number WO/2012/073233, which is hereby incorporated byreference in its entirety; and/or in U.S. patent application Ser. No.13/877,676, filed on Apr. 4, 2013, which is hereby incorporated byreference in its entirety.

In accordance with the present invention, correlation between touch-dataand acceleration/orientation data may be identified and/or checkedlocally in mobile device 100; or remotely, such as in a remote serverwhich may receive such data via a wireless communication link frommobile device 100; or by using other suitable architecture, for example,a hybrid architecture in which some operations may be performed locallyand other operations may be performed remotely. Accordingly, componentsor modules that are depicted, for demonstrative purposes, as beingincluded in mobile device 100, may be implemented at a remote server orwithin other suitable units. The present invention may be implemented ina stand-alone mobile device, such that data collection and processingmay be performed within device 100; or in a client-server architecture,such that device 100 may collect data and may wirelessly transmit thecollected data to a remote server for processing and analysis; or in a“cloud computing” architecture in which data is stored remotely and isalso processed remotely. Other suitable architectures may be used, todeploy a system in which a particular mobile device “knows” orrecognizes its genuine user, or, to deploy a system in which aparticular application or website “know” or recognize a genuine user,based on the above-mentioned correlations.

In a demonstrative experiment in accordance with the present invention,multiple participants were asked to hold a particular mobile device (aniPad tablet), to drag (with a finger) a displayed green circle towards adisplayed red target, and then to release the dragged item once itreached the red target. Accelerometer data and touch data were collectedwhile performing the requested operations.

The experiment measured the touch and release signals, as well asaccelerometer measurements; and then triggered the acceleration dataaccording to the touch time. FIG. 2 depicts three graphs 201-203, whichdemonstrate acceleration as a function of time over three separate axes,thereby demonstrating at least two identifying characteristics which maybe used as a user-specific trait. As a first identifying characteristic,the phasic level (observed at the X axis) may have different values fordifferent people, corresponding to different posture of the mobiledevice. As a second identifying characteristic, the transient shape oncethe device is clicked (observed at the Z axis) may have different valuesfor different people. This data may be transformed or analyzed, forexample, by using dimension reduction techniques (e.g.,kernel-principle-component-analysis), thereby demonstrating thebiometric capability of synergizing between touch data and accelerationdata.

Reference is made to FIG. 3, which demonstrates a graph 300 of the mainaxes of the dimension-reduced space of the accelerometer reaction totapping. Each small item in graph 300 represents one trial, and eachshape or character in graph 300 (e.g., circle, square, diamond,triangle) represents a different user. This drawing demonstratesidentifiable clusters 301-309 of trials, each such cluster correspondingto a different user.

In certain scenarios, posture data (e.g., phasic response) may beneglected or may not be available, for example, if the mobile device isoperated while being placed on a table or a flat surface and is nothand-held by the user. In such scenarios, only the device's kinematicsduring taps may be taken into account, and still the present inventionmay capture sufficient information for biometric functions. Reference ismade to FIG. 4 which illustrates a graph 400 depicting the featurespace, where each dot represents a trial; greyed circles representtrials performed by one particular user, and black circles representtrials performed by the other participants. This drawing demonstratesdimension reduction when only the device's kinematics are taken intoaccount, showing that, still, sufficient significant biometricinformation may be captured and determined.

The present invention may be used in order to automatically identifythat a user (e.g., an attacker or a “fraudster”) is attempting to poseas (or impersonate, or “spoof”) another user (e.g., the “real” user orthe genuine user). In accordance with the present invention, theattacker would need to carefully and correctly imitate the exactaccelerometer response for tapping (or for other suitable touch-screenoperations, such as scrolling, dragging, releasing), taking into accountthe particular kinematics properties of the genuine user; and suchimitation may be extremely difficult and unlikely, or even impossible,for most attackers.

The present invention may utilize signal processing and/or machinelearning techniques, in order to build or generate a template model or aprofile which corresponds to the genuine user; and then comparesubsequent instance(s) or sample(s) to the pre-built (and locallystored, or remotely stored) model or profile. If the subsequent samplesare consistent with the pre-built model or profile, then a first outputscore may be generated (e.g., having a high value in a predefinednumeric range, such as a value of 98 on a scale of 0 to 100); whereas,if the subsequent samples are inconsistent with the pre-built model orprofile, then a second output score may be generated (e.g., having alower value on the predefined numeric range, such as a value of 34 onthe scale of 0 to 100). In some implementations, an output score greaterthan a threshold value may be used (alone, or in combination with otherbiometric traits and/or other authentication measures) as an indicationthat the current user is the genuine user; whereas an output score lowerthan the threshold value may be used (alone, or in combination withother biometric traits and/or other authentication measures) as anindication that the current user is not the genuine user.

The present invention may further be used to differentiate ordistinguish between the genuine (human) user, and a robot or amachine-operable module or function (e.g., implemented as a computervirus, a Trojan module, a cyber-weapon, or other malware) which attemptsto automatically imitate or emulate or simulate movement of a cursor orother interaction with a touch-screen. For example, false identitycreated by automated malware may be detected by the present invention assuch automated malware may lack the characterization of human (e.g.,manual) behavior, such as the touch features (e.g., speed, pressure)and/or its accelerometer correlated measurements.

The present invention may operate and may provide an efficient biometricor user-authentication modality, without capturing, storing, orotherwise identifying any Personally Identifiable Information (PII). Forexample, the present invention may be used to distinguish between agenuine user and a fraudster, without knowing any PPI of the genuineuser and/or of the fraudster.

The present invention may detect correlations and extract user-specifictraits based on passive data collection and/or based on activechallenges. In passive data collection, the mobile device may detectthat the user is performing a particular operation (e.g., a verticalscroll gesture), and may further detect that performing this gestureaffects in a user-specific way the acceleration and/or theorientation/rotation of the mobile device. In an active challenge, themobile device (or an application or process thereof) may activelypresent a challenge to the user, such as, a requirement to the user toperform horizontal scrolling, in order to capture data and detectuser-specific correlation(s). The active challenge may be hidden or maybe unknown to the user, for example, implemented by creating a GraphicalUser Interface (GUI) that requires the button to scroll in order toreach a “submit” button or a “next” button or a “continue” button,thereby “forcing” the user to unknowingly perform a particularuser-gesture which may be useful for correlation detection or forextraction of user-specific traits, as described. Alternatively, theactive challenge may be known to the user, and may be presented to theuser as an additional security feature; for example, by requesting theuser to drag and drop an on-screen object from a first point to a secondpoint, as an action that may be taken into account for confirming useridentity.

Some embodiments of the present invention may be implemented, forexample, as a built-in or integrated security feature which may be acomponent or a module of a mobile device, or may be a downloadable orinstall-able application or module, or plug-in or extension; or as amodule of a web-site or web-page, or of a client-server system or a“cloud computing” system; or as machine-readable medium or article ormemory unit able to store instructions and/or code which, when executedby the mobile device or by other suitable machine (e.g., a remoteserver, or a processor or a computer) cause such machine to perform themethod(s) and/or operations described herein. Some units, components ormodules, that are shown in FIG. 1 for demonstrative purposes ascomprised within mobile device 100, may be implemented externally tomobile device 100, may be implemented in a remote server, a web server,a website or webpage, a “cloud computing” server or database, aclient/server system, a distributed system, a peer-to-peer network orsystem, or the like.

In some embodiments of the present invention, the analysis orcorrelation or matching (e.g., between accelerometer/gyroscope data, andtouch-data or hovering data or other user-gesture data) may belocation-based and/or application-based, or may otherwise take intoaccount a geographical location or geo-spatial location of the mobiledevice or the application(s) being used or that are installed on thedevice. In a demonstrative example, a suitable module (e.g., alocation-aware module or location-determining module) in the mobiledevice may determine the current location of the mobile device, based onGPS data or Wi-Fi data or cellular triangulation data or mobile networkcell data or other location-identification techniques. The mobile phonemay then utilize a suitable module (e.g., a correlator or matchingmodule between location and user-specific behavioral usage traits) inorder to deduce or determine, for example: that when the user utilizeshis mobile device in a first location (e.g., in his office), then themobile phone is typically placed horizontally on a flat surface (e.g., atable); that when the user utilizes his mobile phone in a secondlocation or type of location (e.g., outdoor, on the street, in thepark), then the mobile phone is typically held by the hand of the userat a slanted angle or diagonally (e.g., at approximately 45 to 60degrees relative to the ground); that when the user utilizes his mobilephone in a third location or type of location (e.g., at a Point-Of-Sale(POS) terminal or register or cashier, at a supermarket or a retailstore), then the mobile phone is typically held generally horizontallyby the hand of the user (e.g., generally parallel to the ground); thatwhen the user utilizes his mobile phone in a fourth location or type oflocation (e.g., at an Automatic Teller Machine (ATM) or a vendingmachine), then the mobile phone is typically held generally verticallyby the hand of the user (e.g., at an angle of approximately 90 degrees,or between 80 to 100 degrees, relative to the ground); or the like.These determinations may be location-based or location-aware, therebytriangulating or crossing among three dimensions, namely, behavioraluser-specific traits (e.g., holding the phone diagonally), gesture data(e.g., performing a scroll-down gesture), and location data (e.g., whenutilizing the phone at a retailer); and such determinations may be partof the user-specific profile of that user. In a subsequent usage of themobile device, similar determinations may be made, in order to analyzewhether or not a current user is indeed the same user as in previoususage session(s) or is a “genuine” user. In a demonstrative example,this three-prone approach may raise an alert if, for example, typicallythe user of the mobile device holds his mobile device horizontally whenperforming a scroll-operation at a Point of Sale terminal; and in asubsequent usage session of the mobile device, a user holds that phonevertically when performing a scroll-operation at such Point of Saleterminal, thereby indicating that the subsequent user may not be thegenuine or authorized user of the mobile device. In some embodiments,these multi-prone determinations may further be augmented with, ormatched or correlated with, application-specific data orapplication-specific determinations, in order to improve the tailoringof the behavioral traits to the specific user. For example, the mobiledevice may differentiate and determine that the genuine user typicallyholds the phone vertically (e.g., anywhere, or in a particular locationor type of location) when utilizing the camera application of the mobiledevice, but typically holds the phone horizontally (e.g., anywhere, orin that particular location or type of location) when utilizing theaddress book application of the mobile device; and these user-specifictraits may be extracted and subsequently compared to data captured in asubsequent usage session of that mobile device, to authenticate useridentity.

The present invention may be used in conjunction with various suitabledevices and systems, for example, various devices that have atouch-screen; an ATM; a kiosk machine or vending machine that has atouch-screen; a touch-keyboard; a system that utilizes Augmented Reality(AR) components or AR glasses (e.g., Google Glass); a device or systemthat may detect hovering gestures that do not necessarily touch on thescreen or touch-screen; a hovering screen; a system or device thatutilize brainwave analysis or brainwave control in which the user'sbrainwaves are captured or read and the user's brain may directlycontrol an application on the mobile device; and/or other suitabledevices or systems.

Although portions of the discussion herein relate, for demonstrativepurposes, to wired links and/or wired communications, some embodimentsof the present invention are not limited in this regard, and may includeone or more wired or wireless links, may utilize one or more componentsof wireless communication, may utilize one or more methods or protocolsof wireless communication, or the like. Some embodiments may utilizewired communication and/or wireless communication.

Functions, operations, components and/or features described herein withreference to one or more embodiments of the present invention, may becombined with, or may be utilized in combination with, one or more otherfunctions, operations, components and/or features described herein withreference to one or more other embodiments of the present invention.

While certain features of the present invention have been illustratedand described herein, many modifications, substitutions, changes, andequivalents may occur to those skilled in the art. Accordingly, theclaims are intended to cover all such modifications, substitutions,changes, and equivalents.

What is claimed is:
 1. A method for confirming identity of a user of amobile electronic device, the method comprising: receiving touch datafrom a touch-screen of the mobile electronic device; receivingacceleration data from an accelerometer of the mobile electronic device;correlating between the touch data and the acceleration data; based onthe correlating, generating a user-specific trait indicative of saiduser.
 2. The method of claim 1, comprising: storing a reference value ofthe user-specific trait, indicative of said user; in a subsequent usagesession of the mobile electronic device, generating a current value ofthe user-specific trait correlating between touch data and accelerationdata; and based on a comparison between the current value of theuser-specific trait and the reference value of the user-specific trait,determining whether or not a current user of the mobile electronicdevice is an authorized user of the mobile electronic device.
 3. Themethod of claim 2, wherein storing comprises storing within said mobileelectronic device, and wherein said comparison is performed within saidmobile electronic device.
 4. The method of claim 2, wherein storingcomprises storing externally to said mobile electronic device; andwherein said comparison is performed externally to said mobileelectronic device, and comprises wirelessly receiving at the mobileelectronic device an indication of said comparison.
 5. The method ofclaim 1, wherein said touch data comprises non-tactile touch dataindicating a hovering user gesture in proximity to said touch-screen. 6.The method of claim 1, comprising: receiving gyroscope data from agyroscope of the mobile electronic device; correlating between the touchdata and the gyroscope data; based on the correlating between the touchdata and the gyroscope data, generating another user-specific traitindicative of said user.
 7. The method of claim 1, comprising: capturingnon-tactile motion data indicating a user gesture; correlating betweenthe non-tactile motion data and the acceleration data; based on thecorrelating between the non-tactile motion data and the accelerationdata, generating another user-specific trait indicative of said user. 8.The method of claim 1, comprising: comparing between (a) acurrently-calculated value of the user-specific trait, corresponding toa current usage of the mobile electronic device, and (b) apreviously-calculated value of the user-specific trait, corresponding toa previous usage of the mobile electronic device; and based on acomparison result, performing at least one of: restricting access ofsaid user to an online service; restricting access of said user to anapplication installed on said mobile electronic device; requiring theuser to authenticate his identity to an online service; requiring theuser to authenticate his identity to an application installed on saidmobile electronic device.
 9. The method of claim 1, comprising: based onsaid touch data, estimating user-specific motor control parameters anduser-specific motor control noise; and based on the estimateduser-specific motor control parameters and user-specific motor controlnoise, differentiating between said user and another user.
 10. Themethod of claim 1, comprising: based on said touch data, estimatinguser-specific motor control parameters and user-specific motor controlnoise of a control loop which comprises translation error and gesturevelocity error; and based on the estimated user-specific motor controlparameters and user-specific motor control noise, differentiatingbetween said user and another user.
 11. The method of claim 1,comprising: based on said correlating, estimating a user-specificphysiological trait of said user; and based on the user-specificphysiological trait, differentiating between said user and another user.12. The method of claim 11, wherein estimating the user-specificphysiological trait of said user comprises at least one of: estimating alength of a finger of the user; estimating a width of a finger of theuser; estimating a size-related parameter of a finger of the user;estimating a distance between a tip of a finger of the user and anotherpart of a hand of the user.
 13. The method of claim 1, comprising: basedon said correlating, estimating a user-specific behavioral trait of saiduser; and based on the user-specific behavioral trait, differentiatingbetween said user and another user.
 14. The method of claim 13, whereinestimating the user-specific behavioral trait of said user comprises:determining that said user typically performs a particular inadvertentgesture while performing a user-intended input-providing gesture. 15.The method of claim 13, wherein estimating the user-specific behavioraltrait of said user comprises one or more of: determining that said usertypically moves the mobile electronic device at a particular directionwhile performing a touch gesture; determining that said user typicallyrotates the mobile electronic device while performing a touch gesture;determining that said user typically slants the mobile electronic deviceat a particular angle while performing a touch gesture.
 16. The methodof claim 13, wherein estimating the user-specific behavioral trait ofsaid user comprises: determining that said user typically holds themobile electronic device with a first hand of the user and concurrentlyperforms an input-providing gesture with a second hand of the user. 17.The method of claim 13, wherein estimating the user-specific behavioraltrait of said user comprises: determining that said user typically holdsthe mobile electronic device with a single hand and concurrentlyperforms an input-providing gesture with said single hand.
 18. Themethod of claim 1, comprising: based on said correlating, estimating afirst user-specific behavioral trait of said user which corresponds to afirst usage scenario; based on said correlating, estimating a seconduser-specific behavioral trait of said user which corresponds to asecond usage scenario; based on the first and second user-specificbehavioral traits, differentiating between said user and another user.19. The method of claim 1, comprising: based on said correlating,estimating a first user-specific behavioral trait of said user whichcorresponds to a first usage scenario in which said user operates saidmobile electronic device while the user holds said mobile electronicdevice; based on said correlating, estimating a second user-specificbehavioral trait of said user which corresponds to a second usagescenario in which said user operates said mobile electronic device whilethe user does not hold said mobile electronic device; based on the firstand second user-specific behavioral traits, differentiating between saiduser and another user.
 20. A mobile electronic device configured toconfirm identity of a user of said mobile electronic device, the mobileelectronic device comprising: a touch-screen to receive touch data; anaccelerometer to receive acceleration data; a correlator module tocorrelate between the touch data and the acceleration data; a traitextractor module to generate a user-specific trait indicative of saiduser, based on correlation between the touch data and the accelerationdata.